LogInThey are apparently "memory-unsafe."
While JavaScript and Python are becoming more popular every year, C and C++ are still the preferred programming languages of many developers. However, they might want to start learning something else because the US government called the two "memory-unsafe" and asked coders to ditch them.
As reported by The Register, the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a "guidance to urge software manufacturers to reduce customer risk by prioritizing security throughout the product development process."
"The development of new product lines for use in service of critical infrastructure or NCFs in a memory-unsafe language (e.g., C or C++) where there are readily available alternative memory-safe languages that could be used is dangerous and significantly elevates risk to national security, national economic security, and national public health and safety."
Products written in these languages that won't publish a memory safety roadmap by January 1, 2026, are deemed dangerous, posing a risk "to national security, national economic security, and national public health and safety."
The roadmap should show the manufacturer's approach to eliminating memory safety vulnerabilities and ways to their significant reduction. "This does not apply to products that have an announced end-of-support date that is prior to January 1, 2030."
Long story short, the solution the CISA and FBI suggested? To stop using memory-unsafe languages like C and C++. More specifically, to "build products in a manner that systematically prevents the introduction of memory safety vulnerabilities, such as by using a memory safe language or hardware capabilities that prevent memory safety vulnerabilities."
Epic Games
The problem with this advice is that it's not easy to just rebuild a system in another language, and this might cause countless issues in products' functionality. Game developers might also be affected as Unreal Engine is written in C++, while Blender uses C and C++, so no one knows what this plan can change.
What language do you use for your projects? Read the Product Security Bad Practices report here and join our 80 Level Talent platform and our new Discord server, follow us on Instagram, Twitter, LinkedIn, Telegram, TikTok, and Threads, where we share breakdowns, the latest news, awesome artworks, and more.